Published: 03 December 2015

Top tips for a cyber-safe Christmas

If you’ve swapped the high street for online shopping and use internet apps to keep in touch, make sure you’re surfing safely this Christmas with these tips from Professor Alan Woodward from the Department of Computer Science.

1. Check your system 

Make sure your machine is running the latest version of your operating system (whether Windows or OS10) and you install system updates when they’re available.

An out-of-date virus checker is also only marginally better than none at all. Malicious software is being adapted at an increasing rate. Hundreds of thousands of new variants appear each year in addition to completely new strains, so the set of malware that your virus checker knew about when you first installed it is out of date very quickly. Hackers know many of us fail to keep our systems up to date so they tweak the malware in the hope that the virus checker will miss it.

Update both your virus checker and operating system as regularly as you can. If you don’t use your machine very often, do your updates before you start checking emails or visiting your bank’s website.

2. Pick a good password

Passwords are a terrible way of securing systems, but sadly they are here for a while longer. To help keep your personal details safe, you need to practice good password hygiene: use string passwords, don’t share passwords (either between people, websites or systems) and don’t write them down.

You probably have more accounts than you can possibly remember, so consider using a reputable password manager such as LastPass. Then, use two factor authentication (such as Google’s 2-Step Verification), where possible, to protect your online accounts. This involves using a password and another form of identification - for example, the system might send a single-use code to your mobile phone which you need to type in before you can access your account.

Most people know how to deal with passwords, but we’re all lazy and take shortcuts. Don’t learn the hard way that this is not a good idea. 

Find out more about picking good passwords in this video.

Password tips

  • Use a minimum of eight characters
  • Make sure you randomise the use of passwords between different sites

One way to create a password is to choose a phrase you will remember, pick all the first or last letters from each word and then substitute some letters with numbers and symbols. You could then apply capitals to some letters or add some punctuation.

Example phrase: Why do I find passwords so hard to remember?

  • Use first letters only: Wdifpshtr?
  • Swap some letters for numbers: Wdifp5h2r?
  • Swap some letter for symbols: Wd!fp5h2r?

3. Watch out for flash

Adobe Flash, a tool used to create some online games and animations, is one of the most common ways PCs get infected with malware, so think about disabling it over Christmas.

Adobe is not recommending the use of flash any more (as explained here), in part because of security concerns.  

4. Think twice, click once

As the Christmas deals newsletters start stacking up in your inbox, it’s easy to forget that not all emails bring festive cheer.

Most hacks begin this way – you receive an email and you open an attached document or visit a link that gives you a convincing reason why you have to download something on your computer or phone. Either way, it’s an easy way for bad guys to install malware on your machine.

Think twice, click once. If something is unexpected don’t trust it - delete it.

5. Beware of human error

Don’t assume that just because your machine is using the latest versions of everything, and you have the full array of security software installed, that you are surfing safely. The weakest link in any security chain is us humans.

We fall for scams, we do silly things and we suffer from security fatigue very quickly. Worst of all we assume it won’t happen to us – until it does.

But keep in mind these simple rules and how they apply to you, and you can avoid giving the hacklers a merry Christmas this year.

Learn more about our Computer Science degrees and research in the Department of Computer Science.

Share what you've read?